1 / 31

Session 3: Extended Branch Services Design

Session 3: Extended Branch Services Design. Rick Claus IT Pro Advisor Microsoft Canada rick.claus@microsoft.com. Rodney Buike IT Pro Advisor Microsoft Canada rodney.buike@microsoft.com. http://blogs.technet.com/canitpro. Session Goals:.

MikeCarlo
Download Presentation

Session 3: Extended Branch Services Design

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. Session 3:Extended Branch Services Design Rick Claus IT Pro Advisor Microsoft Canada rick.claus@microsoft.com Rodney Buike IT Pro Advisor Microsoft Canada rodney.buike@microsoft.com http://blogs.technet.com/canitpro

  2. Session Goals: • Provide insight into what extended services can be implemented at Branch Offices • How to configure and tune Active Directory, DFS for the Branch • Protecting mission critical components in a distributed network • Best Practices, Tools and Tips

  3. Agenda • Installing Branch DC • Site Design considerations • Distributed File System and Remote Differential Compression • Protecting Mission Critical Services

  4. Accelerated Branch Office • Advantages/Disadvantages • Control is centralized • Monitoring and management processes can be standardized • Replication of data to branch can reduce the impact of WAN problems • Processes support quick response to local business needs • Security risks in branch office can increase risks to corporate data Hub Site Branch Office Infrastructure Topologies • Directory services • DHCP, DNS, WINS • Messaging services • Management services • Directory services • DHCP, DNS, WINS • File and Print • Application services • Messaging services • Management services • Directory services • DHCP, DNS, WINS • File and Print • Application services • Messaging services • Management services

  5. Large Site Branch Office 128K Connecting Branch OfficesCreate Domain Controller from Replica

  6. Connecting Small OfficesUGMC Scenarios • Scenarios: • Branch offices connected to a Global Catalog server with a low speed WAN link • Offices experiences slow logons due to Universal Group Membership processing • Benefits: • Faster logon without a Global Catalog server in the site

  7. GC GC Univ Groups Query Large Office DC 128K Branch Office Connecting Branch OfficesUniversal Group Membership Caching Universal Group 1 Universal Group 2 Logon is faster because group memberships are cached locally!

  8. Demo Creating a Branch Office Domain Controller …

  9. Agenda • Installing Branch DC • Site Design considerations • Distributed File System and Remote Differential Compression • Protecting Mission Critical Services

  10. Site Functions Domain Site 1 Site 3 Site 2

  11. MTL TOR Default-First-Site-Link Connection Transports • RPC over IP • SMTP VAN Site Links TOR-MTL TOR-VAN MTL-VAN

  12. MTL TOR-MTL TOR TOR-VAN MTL-VAN VAN Site Link Cost KBps: 256 Cost: 425 KBps: 9.6 Cost: 1024 KBps: 256 Cost: 425

  13. Demo Configuring Active Directory in the Branch Office …

  14. Agenda • Installing Branch DC • Site Design considerations • Distributed File System and Remote Differential Compression • Protecting Mission Critical Services

  15. Toronto Virtual Namespace Vancouver Vancouver Branch Office User Distributed File System Overview

  16. Data Collection • Consolidate Content • Back Up Data • Data Publication • Distribute Content • Reliable Access • Loose Collaboration • Local Access • Content Sharing DFS Deployment Scenarios

  17. Site Proximity Sorting Multiple DFS Namespaces UNC Path Support Improved Management Tools Link Target Prioritization Improved Fail-Back Control DFS Namespace Features Windows Server 2003 Windows Server 2003 R2

  18. DFS Replication Features • Active Directory Based Configuration • Uses Remote Differential Compression

  19. File.txt File.txt The quick fox The quick fox The quick fox jumped over jumped over jumped over the lazy brown dog the lazy dog the lazy dog the lazy brown dog who was asleep. who was asleep. who was asleep. Remote Differential Compression Sending Server Receiving Server Request file Updated file Differential hashes Request changes Transfer changes

  20. Update Active Directory schema • DFS classes and attributes • Windows 2000 or 2003 domain controllers • Not between forests • Between different domains in a forest • Cross-file RDC • Requires Enterprise or Data Center DFS Replication Requirements

  21. Demo Configuring DFSR in the Branch Office …

  22. DFS Namespace Starting DFS 1. Domain Controller Replication 2. DFS Member Server Polls AD 3. Replication Primary Member

  23. Agenda • Installing Branch DC • Site Design considerations • Distributed File System and Remote Differential Compression • Protecting Mission Critical Services

  24. Reference Network

  25. Antigen IM and Documents Antigen Antigen Antigen Antigen LayeredDefenses IntegrationwithInfrastructure Protection fromLatest Threats Mission Critical Services Live Communications Server Viruses Worms SharePoint Server E-mail ISA Server Exchange Servers Windows SMTP Server

  26. Multiple Layers of Protection

  27. Sandboxing Signature Files Heuristics Phishing Detection Multiple Technologies

  28. Scan Engine #3 Scan Engine #3 Scan Engine #1 Scan Engine #1 Scan Engine #2 Scan Engine #2 Scan Engine #4 Scan Engine #4 Antigen Multiple Engine Scanning

  29. Demo Protecting with Antigen Security for Exchange …

  30. Session Summary • Implement DCs & GCs in Branch Offices enable you to extend mission critical services out beyond HQ • Site definitions with proper Cost values are required for proper DFS Failover • Multi-layered defences for your mission critical applications are your best approach to security

  31. Join us for the next session on: Session 4:Ongoing Management and Optimization

More Related